[Python-Dev] Hash collision security issue (now public)
Barry Warsaw
barry at python.org
Fri Jan 6 01:31:28 CET 2012
On Jan 05, 2012, at 10:40 PM, Christian Heimes wrote:
>Hey Barry, stop stealing my ideas! :) I've argued for these default
>settings for days.
:)
>I've suggested the env var PYRANDOMHASH. It's easy to set env vars in
>Apache. For example Debian/Ubuntu has /etc/apache2/envvars.
For consistency, it really should be PYTHONSOMETHING. I personally don't care
how long it is (e.g. PYTHONIOENCODING).
>Settings for PYRANDOMHASH:
>
> PYRANDOMHASH=1
> enable randomized hashing function
>
> PYRANDOMHASH=/path/to/seed
> enable randomized hashing function and read seed from 'seed'
>
> PYRANDOMHASH=0
> disable randomed hashing function
Why not PYTHONHASHSEED then?
>Since there isn't an easy way to set env vars in a shebang line since
>something like
>
> #!/usr/bin/env PYRANDOMHASH=1 python2.7
>
>doesn't work, we could come up with a solution the shebang.
We have precedence for mirroring startup options and envars, so it doesn't
bother me to add such a switch to Python 3.3. It *does* bother me to add a
switch to any stable release.
>IMHO the setting for the default setting should be a compile time
>option. It's reasonable easy to extend the configure script to support
>--enable-randomhash / --disable-randomhash. The MS VC build scripts can
>grow a flag, too.
>
>I still think that the topic needs a PEP. A couple of days ago I started
>with a PEP. But Guido told me that he doesn't see a point in a PEP
>because he prefers a small and quick solution, so I stopped working on
>it. However the arguments, worries and ideas in this enormous topic have
>repeated over and over. We know from experience that a PEP is a great
>way to explain the how, what and why of the change as well as the paths
>we didn't take.
One way to look at it is to have a quick-and-dirty solution for stable
releases. It could be suboptimal from a ui point of view because of backward
compatibility issues. The PEP could then outline the boffo perfect solution
for Python 3.3, which a section on how it will be backported to stable
releases.
Cheers,
-Barry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-dev/attachments/20120105/54df8b54/attachment.pgp>
More information about the Python-Dev
mailing list